Page MenuHomePhabricator
Create Task
Maniphest T565

control-port-filter ddos test
Open, NormalPublic
Actions

Description

In T448#10490, @HulaHoop wrote:
  • a query stress test - bombarding cpfp with a very high volume of valid requests. Does cpfp fail gracefully? How does it cope with a simulated DDoS?

Details

Impact
Normal

Related Objects

Event Timeline

Patrick created this task.Sep 30 2016, 2:17 AM
Herald added a project: Whonix. · View Herald TranscriptSep 30 2016, 2:17 AM
Herald added subscribers: entr0py, WhonixQubes. · View Herald Transcript
Patrick mentioned this in T448: support for Tor control protocol events (setevent) by Control Port Filter Proxy.Sep 30 2016, 2:17 AM
Patrick removed a project: Whonix 14.Nov 12 2016, 6:37 PM

discussion:
https://mailman.boum.org/pipermail/tails-dev/2016-November/011040.html

conclusion:

I guess we can use T16 for DDOS from external sources.

This ticket an attempt to contain damage by compromised workstations from ddos'ing the control port filter. Even if solved, still Tor could be ddos'ed. So I suggest to defer this ticket for a later release. The we perhaps solve it by using iptables as a limiter.

Patrick mentioned this in T566: control-port-filter add_onion unit test.Nov 12 2016, 6:38 PM
Whonix OLD Issue Tracker · PLEASE DO NOT POST NEW TICKETS HERE · OLD Issue Tracker - Unread Notifications · OLD Issue Tracker - Feed · OLD Issue Tracker - Open Issues · NEW Issue Tracker · Homepage · Blog · Forum · Legal · Imprint · Privacy Policy · Terms of Use · Disclaimer